Cybercriminals perceive the pandemic as an opportunity to ramp up their criminal activities by exploiting the susceptibility of remote workers and public interest in COVID-related news.
Our lives have significantly changed over the last two years, shifting our daily routine almost entirely to the digital realm. Consequently, this shift has posed more cybersecurity challenges and introduced additional opportunities for threat actors. As a result, the attention to high-quality malware prevention has risen along with the introduction of additional cybersecurity services. Yet, is it enough to get one or two security tools to combat malicious hackers? And how many would be enough?
To get a better understanding of what constitutes proper online security, we have interviewed Morten Kjaersgaard, the CEO of the cybersecurity company Heimdal™ Security.
Heimdal Security has been in the cybersecurity industry for over 10 years. What has your journey been like?
Challenging, exciting, and interesting. We have always sought to have Heimdal™ right at the forefront of the challenges the customers were facing. Those challenges have shifted with the market and size of businesses over time: ransomware, compliance, ease of use, unification of services, best-of-breed services – the list is long. Being very interested in the needs of the customer is what has driven us to this point where we now have the market’s only unified lineup whilst leading the way of protecting clients as well.
Can you introduce us to what you do?
We offer simple, world-class solutions for unified, intelligent cybersecurity. We help companies of all sizes close vulnerabilities related to cyber threats coming from DNS, HTTP, and HTTPS traffic, privileged access management, malware, (any) ransomware, as well as email threats. We help our clients achieve a layered defense, compliance, and, at the end of the day, a significant ROI and…peace of mind.
It is evident that you put a lot of effort into what is called threat hunting. Can you tell us more about this practice?
Threat (or malware) hunting is a proactive cyber defense technique based on the premise of compromise, allowing you to focus on hazards that may have gone unnoticed in your network. It combines methodology with cutting-edge technology and top-tier threat intelligence to ensure a proactive and ever-evolving approach to spotting abnormalities, unusual patterns, and other signs of compromise. Of course, at Heimdal™, we take a multi-layered strategy to threat hunting, which includes Threat Prevention, Next-Gen Antivirus, and Ransomware Encryption Protection. A standalone malware hunting sandbox and a malware hunting sandbox feature for the Email Security solution will be added soon.
How has the pandemic influenced the cybersecurity industry?
The pandemic has created a “new normal” and has offered cybercriminals many more attack possibilities and targets. As a result of government limitations implemented in reaction to the coronavirus pandemic, employees have been encouraged to work from home, and technology has become even more vital in both our professional and personal lives. Because of the increased vulnerability to cyber danger, the rise in remote working necessitates closer attention to cybersecurity. Cybercriminals perceive the pandemic as an opportunity to ramp up their criminal activities by exploiting the susceptibility of remote workers and relying on the public's intense interest in coronavirus-related news (e.g. malicious fake coronavirus-related websites).
The most common remote work-related security risks are unsafe Wi-Fi networks, using personal devices for work, unencrypted file sharing, email scams, ignoring basic security practices in public places, and, most importantly, ransomware and DDoS attacks. All this calls for major cybersecurity updates - absolutely any company that wants to avoid money, time, and reputation loss must implement and use threat prevention, email security, a powerful firewall, and antivirus, invest in cybersecurity awareness, and have a proper incident response plan in place.
Which of the two is most likely to experience cyberattacks – big enterprises or small businesses? What do cybercriminals typically look for when choosing their next target?
The statistics in the last couple of years show that 43% or more of the cyberattack victims are small to mid-size enterprises. However, there are multiple other aspects that should be considered when talking about how cybercriminals choose their next target:
- Cyberattacks can be completely random - hackers can use a “spray-and-pray” strategy, after gaining access to a list of email addresses, for example. They might spread phishing campaigns or web-hosted malware delivery to as many people as possible, hoping that a significant number of people get infected.
- When cyber espionage is the goal, attackers may have pre-selected their target(s) for political, personal, economic, or other reasons. These attacks are typically carried out when the attacker wishes to harm an entity's or organization's image, reputation, or business operations.
- Other cyber attacks can be related to the industry, geo-location, or the kind of data that a possibly targeted company works with, and they mostly depend on the motivations of each cybercriminal or attack group.
One thing is certain, though: no one, no home user or company, is safe or can be completely safe. Cybersecurity awareness, training, and efficient security solutions are, whether we like it or not, essential to the world we live in.
Insider risk is often described as one of the biggest challenges in cybersecurity, yet many organizations fail to take this type of threat into account. Why do you think that is the case?
Insider threat is, indeed, very dangerous, especially now, in the context of remote work. Companies may fail to take it into account because of how insidious this threat is and because they might not know all its implications. When saying insider threat, most people think of a malicious or revengeful employee that deliberately causes a data breach or something similar.
However, the random granting of privileged access can also be considered an insider threat. Misconfiguration of access policies, weak authentication methods, as well as too many privileges can all cause data breaches, significant fines, and everything that comes with it. To avoid such risks, it's absolutely necessary to use a Privileged Access Management solution and have a Zero-Trust policy.
As more companies switch to remote work, which security issues often remain overlooked?
Any of the security risks that (switching to) remote work implies can be overlooked if there is no clear plan of how to implement it. Any company should think about the relationship between cybersecurity and remote work from multiple perspectives: employee-related (including off-boarding, when necessary), device and software (file-sharing risks, video conferencing tools, shared devices and, of course, physical security), network (working from multiple places with possibly insecure networks), organization (third-party IT providers' vulnerabilities, IT support).
Which personal cybersecurity solutions do you see trending in 2022?
I’m certain that Extended Detection and Response (XDR) will be a front-page element of any basic cybersecurity strategy, especially regarding the vulnerability management and Zero-Trust components. There is also another crucial aspect: there are many good solutions on the market. However, the thing that will make the difference and turn the scales will be unification - the ability to provide customers with all the protection they need and real-time visibility into all the aspects of a company’s cybersecurity with only one solution that can be managed from a single, intuitive dashboard.
Would you like to share what’s next for Heimdal Security?
We can’t divulge any details at the moment, but we suggest that people keep an eye on us in 2022. We are moving extremely rapidly this year to release technologies that will drive the trends of 2023.